12 matches found

OSV
added 2026/05/14 9:16 p.m. | 4 views

UBUNTU-CVE-2026-44673

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lyb_read_string() in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

CVSS 7.5 | AI score 6 | EPSS 0.00068
Exploits: 0 | References: 3

Vulnrichment
added 2026/05/14 8:35 p.m. | 3 views

CVE-2026-44673 libyang: lyb_read_string() integer overflow → heap buffer overflow

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lyb_read_string() in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

CVSS 7.5 | AI score 6 | EPSS 0.00068
Exploits: 0 | References: 1

EUVD
added 2026/05/14 8:35 p.m. | 5 views

EUVD-2026-30484

libyang is a YANG data modeling language library. Prior to SO 5.2.15, lyb_read_string() in src/parserlyb.c contains an integer overflow that results in a heap buffer overflow when parsing a maliciously crafted LYB binary blob. An attacker who can supply LYB data to any libyang consumer NETCONF server...

CVSS 7.5 | AI score 6 | EPSS 0.00068
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/23 7:39 a.m. | 3 views

CVE-2024-31921

Cross-Site Request Forgery (CSRF) vulnerability in Etoile Web Design Ultimate Product Catalogue. This issue affects Ultimate Product Catalogue: from n/a through 5.2.15...

CVSS 4.3 | AI score 5.1 | EPSS 0.00177
Exploits: 0 | References: 1

Positive Technologies
added 2024/04/15 12:00 a.m. | 3 views

PT-2024-24284 · Etoile · Etoile Web Design Ultimate Product Catalogue

Name of the Vulnerable Software and Affected Versions: Etoile Web Design Ultimate Product Catalogue versions through 5.2.15

Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions o...

CVSS 4.3 | AI score 6.7 | EPSS 0.00177
Exploits: 0 | References: 4

CNNVD
added 2023/05/25 12:00 a.m. | 2 views

WordPress plugin WP Basic Elements Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forger...

CVSS 8.8 | AI score 7.8 | EPSS 0.00152
Exploits: 0 | References: 2

Tenable Nessus
added 2022/03/14 12:00 a.m. | 261 views

WordPress 5.2.x < 5.2.15 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities:
- A stored cross-site scripting (XSS) vulnerability exists via wp_filter_global_styles_post.
- A prototype pollution exists via the Gutenberg wordpress/url package.
Note that the...

AI score 6
Exploits: 0 | References: 3

seebug.org
added 2011/04/22 12:00 a.m. | 7 views

PHP <5.2.15 EXTR_OVERWRITE Safe Mode Bypass Vulnerability

No description provided by source...

AI score 7.1
Exploits: 0

FreeBSD
added 2010/12/13 12:00 a.m. | 37 views

php-filter -- Denial of Service

The following DoS condition in filter extension was fixed in PHP 5.3.4 and PHP 5.2.15: Stack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a denial of service memory...

CVSS 4.3 | AI score 6.3 | EPSS 0.0278
Exploits: 1 | References: 2

OpenVAS
added 2010/05/25 12:00 a.m. | 15 views

Phorum Cross-Site Scripting Vulnerability

This host is running Phorum and is prone to a cross-site scripting vulnerability. OpenVAS Vulnerability Test $Id: secpodphorumxssvuln.nasl 5401 2017-02-23 09:46:07Z teissa $ Phorum Cross-Site Scripting Vulnerability Authors: Antu Sanadi Copyright: Copyright (c) 2010 SecPod, http://www.secpod.com This...

CVSS 4.3 | AI score 6.3 | EPSS 0.00285
Exploits: 0 | References: 3

Tenable Nessus
added 2009/07/29 12:00 a.m. | 24 views

CommuniGate Pro WebMail < 5.2.15 XSS

According to its banner, the remote web server is from a version of CommuniGate Pro older than 5.2.15. The webmail component of such versions fails to correctly parse plaintext email messages containing malicious URL links before displaying the message to the user. By sending a specially crafted...

AI score 5.7
Exploits: 0 | References: 3

OpenVAS
added 2009/07/26 12:00 a.m. | 17 views

CommuniGate Pro Web Mail URI Parsing HTML Injection Vulnerability

CommuniGate Pro is prone to an HTML-injection vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders...

AI score 7.2
Exploits: 0 | References: 3